Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/eeb0c0-94f5-441a-8dd9-97b89c47d50a/1/u6J5LENnYwX8nm5exxLdEz2_h2c.roa
File: u6J5LENnYwX8nm5exxLdEz2_h2c.roa (raw, json)
Hash identifier: INwJHGONo1nALIZffEBnfmoOACQqmml5kcWh3sfVYeA=
Subject key identifier: BB:A2:79:2C:43:67:63:05:FC:9E:6E:5E:C7:12:DD:13:3D:BF:87:67
Certificate issuer: /CN=2cf1e41ce7c2424f9df88eb98464c9b0826be9c1
Certificate serial: 018CC49249715AC215190650F0DDFD22D35A
Authority key identifier: 2C:F1:E4:1C:E7:C2:42:4F:9D:F8:8E:B9:84:64:C9:B0:82:6B:E9:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPHkHOfCQk-d-I65hGTJsIJr6cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/eeb0c0-94f5-441a-8dd9-97b89c47d50a/1/u6J5LENnYwX8nm5exxLdEz2_h2c.roa
Signing time: Mon 01 Jan 2024 10:29:30 +0000
ROA not before: Mon 01 Jan 2024 10:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43719
IP address blocks: 91.198.126.0/24 maxlen: 24
2001:67c:1b1c::/48 maxlen: 48
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:49:71:5a:c2:15:19:06:50:f0:dd:fd:22:d3:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf1e41ce7c2424f9df88eb98464c9b0826be9c1
Validity
Not Before: Jan 1 10:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bba2792c43676305fc9e6e5ec712dd133dbf8767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:88:c7:37:8f:1c:72:73:27:4e:73:38:aa:
a5:c3:41:19:ad:90:0b:7a:cf:40:ad:23:2e:41:81:
cd:b1:12:c3:31:d0:1b:05:24:6e:c6:8f:37:4f:45:
b3:42:8c:1e:4d:d5:6f:a4:72:60:c0:79:3c:7e:62:
de:44:3a:46:42:84:c8:c2:30:ca:52:0d:72:4e:81:
1d:78:7c:1a:c0:99:24:e8:cf:03:11:3b:fb:41:74:
09:cf:ff:01:5e:eb:56:16:80:72:b7:5c:e7:54:26:
b4:3d:be:07:ea:38:b3:a7:d4:2b:24:a9:e1:d7:fa:
19:18:b9:73:bb:36:ba:25:ed:f1:3e:66:15:e7:59:
1e:a0:dd:6f:e5:a3:b8:8d:35:1b:0f:0b:0b:b2:0a:
26:69:37:02:34:51:cf:59:38:da:1c:aa:8f:82:ec:
ba:d9:9b:43:cb:8f:68:3c:0d:62:ac:25:77:b3:49:
87:f5:de:fe:24:30:7c:a0:c0:01:fc:a4:7a:4a:38:
8d:9f:90:45:33:37:60:7f:e4:db:cf:38:c3:71:1f:
25:e7:56:9d:65:23:60:1e:9c:42:56:c4:ad:1e:3b:
d0:6f:01:16:88:04:17:b2:e3:0e:e7:66:89:7f:32:
1f:bb:ed:1a:94:eb:52:57:66:06:bd:9a:ea:25:da:
a4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:A2:79:2C:43:67:63:05:FC:9E:6E:5E:C7:12:DD:13:3D:BF:87:67
X509v3 Authority Key Identifier:
keyid:2C:F1:E4:1C:E7:C2:42:4F:9D:F8:8E:B9:84:64:C9:B0:82:6B:E9:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPHkHOfCQk-d-I65hGTJsIJr6cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/eeb0c0-94f5-441a-8dd9-97b89c47d50a/1/u6J5LENnYwX8nm5exxLdEz2_h2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/eeb0c0-94f5-441a-8dd9-97b89c47d50a/1/LPHkHOfCQk-d-I65hGTJsIJr6cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.126.0/24
IPv6:
2001:67c:1b1c::/48
Signature Algorithm: sha256WithRSAEncryption
71:e0:62:ec:58:34:6a:1a:77:44:d7:26:1c:60:90:ea:1d:4e:
17:ba:66:99:f7:2b:31:65:ea:b2:97:c7:ff:f1:6c:b4:30:a9:
d9:19:fc:fa:35:c7:6d:ed:87:f0:02:c7:ed:fe:12:d1:80:5a:
2b:ac:1f:55:66:e2:d6:00:b9:eb:f5:e8:f1:e8:ea:5b:81:35:
38:d3:85:42:cb:c8:b1:6a:5b:64:13:a0:ac:04:8c:af:78:0e:
17:52:75:f3:75:0d:f3:32:b3:d8:2a:8d:19:9a:14:24:b8:6c:
80:9d:2f:60:55:70:4d:df:43:e0:53:b9:70:d7:ca:f6:5b:2c:
2a:3e:91:aa:6b:99:37:ac:dc:f8:64:f9:df:72:8c:0a:f6:e3:
f2:06:b0:88:78:fb:35:c9:ac:5f:37:ad:5d:ab:35:d5:60:f8:
80:a9:9b:d4:9f:43:31:75:11:b9:39:62:e3:47:72:c7:1c:fe:
42:d0:b7:bc:43:27:4b:17:7e:a1:3f:22:54:66:15:d8:c2:49:
41:33:48:9b:29:82:ef:7e:57:d9:79:2e:0e:f2:db:bd:9c:48:
44:57:9f:00:d3:67:23:58:9e:b0:2a:de:23:25:09:35:76:4b:
22:4e:52:49:85:8b:c1:88:4c:73:6d:c9:10:e0:53:da:83:82:
59:9c:6b:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEkklxWsIVGQZQ8N39ItNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjFlNDFjZTdjMjQyNGY5ZGY4OGViOTg0NjRjOWIwODI2
YmU5YzEwHhcNMjQwMTAxMTAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmEyNzkyYzQzNjc2MzA1ZmM5ZTZlNWVjNzEyZGQxMzNkYmY4NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbGIxzePHHJzJ05zOKqlw0EZrZAL
es9ArSMuQYHNsRLDMdAbBSRuxo83T0WzQoweTdVvpHJgwHk8fmLeRDpGQoTIwjDK
Ug1yToEdeHwawJkk6M8DETv7QXQJz/8BXutWFoByt1znVCa0Pb4H6jizp9QrJKnh
1/oZGLlzuza6Je3xPmYV51keoN1v5aO4jTUbDwsLsgomaTcCNFHPWTjaHKqPguy6
2ZtDy49oPA1irCV3s0mH9d7+JDB8oMAB/KR6SjiNn5BFMzdgf+TbzzjDcR8l51ad
ZSNgHpxCVsStHjvQbwEWiAQXsuMO52aJfzIfu+0alOtSV2YGvZrqJdqkUwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLuieSxDZ2MF/J5uXscS3RM9v4dnMB8GA1UdIwQY
MBaAFCzx5BznwkJPnfiOuYRkybCCa+nBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBIa0hPZkNRay1kLUk2NWhHVEpzSUpyNmNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9lZWIwYzAtOTRmNS00NDFhLThkZDkt
OTdiODljNDdkNTBhLzEvdTZKNUxFTm5Zd1g4bm01ZXh4TGRFejJfaDJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9lZWIwYzAtOTRmNS00NDFhLThkZDktOTdiODljNDdkNTBh
LzEvTFBIa0hPZkNRay1kLUk2NWhHVEpzSUpyNmNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW8Z+MA8E
AgACMAkDBwAgAQZ8GxwwDQYJKoZIhvcNAQELBQADggEBAHHgYuxYNGoad0TXJhxg
kOodThe6Zpn3KzFl6rKXx//xbLQwqdkZ/Po1x23th/ACx+3+EtGAWiusH1Vm4tYA
uev16PHo6luBNTjThULLyLFqW2QToKwEjK94DhdSdfN1DfMys9gqjRmaFCS4bICd
L2BVcE3fQ+BTuXDXyvZbLCo+kaprmTes3Phk+d9yjAr24/IGsIh4+zXJrF83rV2r
NdVg+ICpm9SfQzF1Ebk5YuNHcscc/kLQt7xDJ0sXfqE/IlRmFdjCSUEzSJspgu9+
V9l5Lg7y272cSERXnwDTZyNYnrAq3iMlCTV2SyJOUkmFi8GITHNtyRDgU9qDglmc
aw0=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:57 2025 by rpki-client